fix: validate access token (#1867)

* fix/to_valid_token * eslint * revert * Update server/jwt.go --------- Co-authored-by: boojack <stevenlgtm@gmail.com>

fix: validate access token (#1867)
* fix/to_valid_token * eslint * revert * Update server/jwt.go --------- Co-authored-by: boojack <stevenlgtm@gmail.com>
c9aa2eeb · CorrectRoadH · GitHub · 63d6b6f9 · c9aa2eeb
Unverified Commit c9aa2eeb authored Jun 30, 2023 by CorrectRoadH Committed by GitHub Jun 30, 2023
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 0 deletions

jwt.go server/jwt.go +5 -0

No files found.
--- a/server/jwt.go
+++ b/server/jwt.go
@@ -111,6 +111,11 @@ func JWTMiddleware(server *Server, next echo.HandlerFunc, secret string) echo.Ha
 			}
 			return nil, errors.Errorf("unexpected access token kid=%v", t.Header["kid"])
 		})
+
+		if !accessToken.Valid {
+			return echo.NewHTTPError(http.StatusUnauthorized, "Invalid access token.")
+		}
+
 		if !audienceContains(claims.Audience, auth.AccessTokenAudienceName) {
 			return echo.NewHTTPError(http.StatusUnauthorized, fmt.Sprintf("Invalid access token, audience mismatch, got %q, expected %q.", claims.Audience, auth.AccessTokenAudienceName))
 		}